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Tip: Try rennoving quotes from your search to get more results. 



Your search - "encrypted password" "login packet" "hashed challenge" - did not match 
any docunnents. 



Suggestions: 

• Make sure all words are spelled correctly. 

• Try different keywords. 

• Try more general keywords. 

• Try fewer keywords. 
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Nothing Found 

Your search for +"hashed challenge", +"encrypted password" "login packet" did not 

return any results. 

You may want to try an Advanced Search for additional options. 

Please review the Quick Ti ps below or for more information see the Sea rch Tips. 

Quick Tips 

• Enter your search terms in lower case with a space between the terms. 

sales offices 

You can also enter a full question or concept in plain lan guage. 

Where are the sales offices? 

• Capitalize pro per nouns to search for specific people, places, or 
products. 

John Colter, Netscape Navigator 

• Enclose a phrase in double quotes to search for that exact phrase. 

"museum of natural history" "museum of modern art" 

• Narrow your searches by using a + if a search term must appear on a 
page. 

museum +art 

• Exclude pages by using a - if a search term must not appear on a page. 

museum -Paris 

Combine these techniques to create a specific search query. The better 
your description of the information you want, the more relevant your 
results will be. 

museum ^"natural history" dinosaur -Chicago 
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^ S amba 's Encryp ted Password Su pport 
John Blair 

December 1998 Linux Journal 

Publisher: Specialized Systems Consultants, Inc. 

Full text available: [g] htmi(13.48 KB) Additional Information: full citation, abstract. iodexM 

How SMB-encrypted passwords actually works and a walk-through the steps required to 
enable encrypted passwords in Samba 

2 Easy entry: the password encryptio n problem 
Jason Gait 

July 1978 ACM SIGOPS Operating Systems Review, volume 12 issue 3 
Publisher: ACM Press 

Full text available: Ij.RdfiSM ^^^^.^^^^ information: full citation, r eferences 
KB) 



□ 



^ Password crackin g: a g ame of wits Q 
^ Donn Seeley 

^ June 1989 Communications of the ACM, volume 32 issue 6 
Publisher: ACM Press 

c II* ♦ I ui ris% ^x/Aoo no Additional Information: full citatioH, abstfact, referencBS, citings, index 
Full text available: TO] pdf(488.03 KB) — - — — ^ " ~ " 

terms, r evi ew 

The following report has been gleaned from "A Tour of the Worm," an in-depth account of 
the November Internet infection. The author found the worm's crypt algorithm a 
frustrating, yet engaging, puzzle. 



^ The internet worm prog ram: an analysis Q 
Eugene H. Spafford 

>^ January 1989 ACfA SIGCOi^M Computer Communication Review, volume 19 issue 1 
Publisher: ACM Press 

Full text available: ^ pdf( 2.45 MB) Additional Information: full citation , abstrac t, citings, i ndex terms 

On the evening of 2 November 1988, someone infected the Internet with a worm 
program. That program exploited flaws in utility programs in systems based on BSD- 
derived versions of UNIX. The flaws allowed the program to break into those machines 
and copy Itself, thus infecting those systems. This program eventually spread to 
thousands of machines, and disrupted normal activities and Internet connectivity for 
many days. This report gives a detailed description of the components of the ... 
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5 Unified login with plu ggable authentication modules (PAM) Q 
Vipin Samar 

January 1996 Proceedings of the 3rd ACM conference on Computer and 
communications security 

Publisher: ACM Press 

Full text available: ^ p df(1.12 MB) Additional Information: full cit a t ion , re feren c es , index t erms 




Augmente d en cry pted key exchang e: a p as s w o rd-base d pro toc ol secure against I I 
dictionary attacks and password file compromise 
Steven M. Bellovin, Michael Merritt 

December 1993 Proceedings of the 1st ACM conference on Computer and 
communications security 

Publisher: ACM Press 

Full text available: -a pdf( 62Q.Q9 K B) Additional Information: fuLcitatjon. abstract. leferences, dtings. iQdex 

terms 

The encrypted key exchange (EKE) protocol is augmented so that hosts do not store 
cleartext passwords. Consequently, adversaries who obtain the one-way encrypted 
password file may (i) successfully mimic (spoof) the host to the user, and (ii) mount 
dictionary attacks against the encrypted passwords, but cannot mimic the user to the 
host. Moreover, the important security properties of EKE are preserved— an active 
network attacker obtains insufficient information to mount dictionary attac ... 

Session 3A: Networks: Heuristic authentication protocol for TCP/IP network I I 

ap plic at i o ns under UNIX 

A. H. Wadaa, H. M. Abdel-Wahab, John McHugh 

April 1992 Proceedings of the 30th annual Southeast regional conference 

Publisher: ACM Press 

Full text available: ^ pdf(471.15 KB ) Additional Information: full citation, a bstr a c t, references 

Networking has brought about the potential of distributed applications to the user. 
Typically in such applications there are several different interacting processes that run in 
multiple hosts and communicate across the network for exchanging data and exercising 
control. Authentication is an intrinsic activity in the context of distributed applications. A 
server process has to authenticate a client process, possibly running on another network, 
prior to granting service to that client. A password ... 

Keywords: Authentication, Client/Server Model, Distributed Systems, Encryption, 
Security, TCP/IP Protocols, UNIX Network Programming 



Role-based access control on the web Q 
February 2001 ACM Transactions on Information and System Security (TISSEC), volume 

4 Issue 1 
Publisher: ACM Press 

Full text available: m pdf(331.03 KB) Additional Information: full citation , abstract, references , citings, index 
^ " terms , review 

Current approaches to access control on the Web servers do not scale to enterprise-wide 
systems because they are mostly based on individual user identities. Hence we were 
motivated by the need to manage and enforce the strong and efficient RBAC access 
control technology in large-scale Web environments. To satisfy this requirement, we 
identify two different architectures for RBAC on the Web, called user-pull and server-pull. 
To demonstrate feasibility, we im ... 

Keywords: WWW security, cookies, digital certificates, role-based access control 
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^ Password security; a case history I | 

Robert Morris, Ken Thompson 

November 1979 Communications of the ACM, volume 22 issue 11 
Publisher: ACM Press 

Full text available: ^ pdf(4 46.89 KB ) Additional Information: full citation , ab s tract , referenc es, citin gs 

This paper describes the history of the design of the password security scheme on a 
remotely accessed time-sharing system. The present design was the result of countering 
observed attempts to penetrate the system. The result is a compromise between extreme 
security and ease of use. 

Keywords: computer security, operating systems, passwords 



Introducin g Samba I I 

John Blair 

July 1998 Linux Journal 

Publisher: Specialized Systems Consultants, Inc. 

Full text available. ^ MoilClS:!! Additional Information: full citation , abstrac t, references , index terms 
KB) 

When you need to network your Linux box with Windows, Samba is the way to do it 

Public-key cry ptogra phy and password protocols I I 

Shai Halevi, Hugo Krawczyk 
>^ August 1999 ACM Transactions on Information and System Security (TISSEC), volume 2 
Issue 3 
Publisher: ACM Press 

Full text available- ^fl pdf(275 84 KB) Add't'O"^' Information: full citation , abstract , references , citin gs, index 
' ^ " ~ ' terms , review 

We study protocols for strong authentication and key exchange in asymmetric scenarios 
where the authentication server possesses '^a pair of private and public keys while the 
client has only a weak human-memorizable password as its authentication key. We 
present and analyze several simple password authentication protocols in this scenario, 
and show that the security of these protocols can be formally proven based on standard 
cryptographic assumptions. Remarkably, our analysis shows optimal re ... 

Keywords: dictionary attacks, hand-held certificates, key exchange, passwords, public 
passwords, public-key protocols 



^ ^ S ystem Administrat i on: Getti ng th e NT Out -and the Linux In I I 

David C. Smith 
July 2000 Linux Journal 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: jj] htmi (12 .11 KB ) Additional Information: full citation , abstract, references , index terms 

An overview of configuring Linux using Samba to replace the services provided from 
Windows NT servers. 

World Wide Web based g rades mana g ement I I 

^ Atsuyuki Morishima, Hiroyuki Kitagawa 

^ April 1997 Proceedings of the 1997 ACM symposium on Applied computing 

Publisher: ACM Press 

Full text available: ^ pdf{ 388.64 KB) Additional Information: full citation , index terms 



Keywords: Internet, JAVA, class management, grading system 
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User Administration: How to successfully manage your users 
David Bandel 

December 1997 Linux Journal 

Publisher: Specialized Systems Consultants, Inc. 

Full text available: g) html (20.99 KB) Additional Information: full citation , index terms 



Hi g h dictionary compression for proactive password checking I I 

Francesco Bergadano, Bruno Crispo, Giancarlo Ruffo 

November 1998 ACM Transactions on Information and System Security (TISSEC), 

Volume 1 Issue 1 
Publisher: ACM Press 

Full text available- Wi pdf(.141 89 KB) A^^'*'^"^' Information: full citation , abstract , references , citin gs, index 
• [Aj ^ terms , review 

The Innportant problenn of user password selection is addressed and a new proactive 
password-checking technique Is presented. In a training phase, a decision tree is 
generated based on a given dictionary of weal< passwords. Then, the decision tree is used 
to determine whether a user password should be accepted. Experimental results 
described here show that the method leads to a very high dictionary compression (up to 
1000 to 1) with low error rates (of the order of 1%). A prototype implementat ... 

Keywords: access control, decision trees, password selection, proactive password 
checking 



Public-key cn/ptography and password protocols 
Shai Halevi, Hugo Krawczyk 

November 1998 Proceedings of the 5th ACM conference on Computer and 
communications security 

Publisher: ACM Press 

Full text available: ^ pdf( 1.28 MB) Additional Information: fuli citatio n, references , citin gs, index terms 




''^ O n impr ov e me n t s t o p assword secur ity Q 
Kamaljit Singh 

^ January 1985 ACM SIGOPS Operating Systems Review, volume 19 issue i 
Publisher: ACM Press 

Full text available: ^ pdf( 365.56 K B ) Additional Information: full citation , abstract , refer ences 

Due to the increasing value of information being stored in computers, it is important that 
unforgeable user authentication policies are implemented. Existing password 
authentication schemes, threats and counter-measures are described. A solution to 
eavesdropping problems using public-key cryptography is proposed. A technique to allow 
long password-phrases that makes an exhaustive search impracticable is presented. 

''^ A system for ma naging shared files I I 

Neil W. Rickert 

April 1985 ACM SIGSOFT Software Engineering Notes, volume lo issue 2 
Publisher: ACM Press 

Full text available: QDdf( 4Q1.10 KB ) Additional Information: full citation 



U NIX security in a supercomputin g environment I I 

^ M. Bishop 

^ August 1989 Proceedings of the 1989 ACM/IEEE conference on Supercomputing 
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Publisher: ACM Press 

Full text available: ^ pdf(860.50 KB) Additional Information: full citation , abstract , referenc es, index terms 

The UNIX@@@@ operating system is designed for collaborative work and not for 
security. Vendors have modified this operating system (in some cases, radically) to 
provide levels of security acceptable to their customers, but the versions used in 
supercomputing environments would benefit from enhancements present in so-called 
secure versions. This paper discusses the need for security in a supercomputing 
environment and suggests modifications to the UNIX operating system that would 
decrease th ... 
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Crisis and afte rm ath I I 

E. H. Spafford 

June 1989 Communications of the ACM, volume 32 issue 6 
Publisher: ACM Press 

Full text available- j^gjlpdf d 18 MB) Additional Information: f ull citati on, a bstract , r efer ences , citings, in de x 

terms, review 

Last November the Internet was infected with a worm program that eventually spread to 
thousands of machines, disrupting normal activities and Internet connectivity for many 
days. The following article examines just how this worm operated. 
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